bankline.itau.work
91.212.150.161  Malicious Activity! Public Scan

Submitted URL: http://bankline.itau.work/login.php
Effective URL: https://bankline.itau.work/login.php
Submission Tags: @ipnigh
Submission: On April 18 via api from GB

Summary

This website contacted 6 IPs in 6 countries across 6 domains to perform 25 HTTP transactions. The main IP is 91.212.150.161, located in Russian Federation and belongs to NFORCE, NL. The main domain is bankline.itau.work.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 16th 2020. Valid for: 3 months.
This is the only time bankline.itau.work was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

IP Address AS Autonomous System
1 2 91.212.150.161 43350 (NFORCE)
1 2.18.233.32 16625 (AKAMAI-AS)
16 104.108.42.79 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 54.171.13.159 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 66.117.28.86 15224 (OMNITURE)
25 6
Count | Domain | Requested by
16 | estatico.itau.com.br | bankline.itau.work, estatico.itau.com.br
2 | itau.demdex.net | www.itau.com.br
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | dpm.demdex.net | www.itau.com.br
2 | bankline.itau.work | 1 redirects
1 | cm.everesttech.net | 1 redirects
1 | www.googletagmanager.com | www.itau.com.br
1 | www.itau.com.br | bankline.itau.work
25 8

This site contains links to these domains.

Domain
www.itau.com.br
guardiao.itau.com.br
itau.com.br
www.facebook.com
twitter.com
www.youtube.com
Subject | Issuer | Validity | Valid
bankline.itau.work | Let's Encrypt Authority X3 | 2020-04-16 - 2020-07-15 | 3 months
www.itau.com.br | DigiCert SHA2 Extended Validation Server CA | 2020-03-12 - 2022-06-11 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-04-01 - 2020-06-24 | 3 months
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years

This page contains 2 frames:

Primary Page: https://bankline.itau.work/login.php
Frame ID: 70505D2F274B49554A8BC10731149C60
Requests: 24 HTTP requests in this frame

Frame: https://itau.demdex.net/dest5.html?d_nsid=0
Frame ID: F8E658B261CF875B68EB703B5DB604CD
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://bankline.itau.work/login.php HTTP 301
    https://bankline.itau.work/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 29 %
Domains: 6
Subdomains: 8
IPs: 6
Countries: 6
Transfer: 1479 kB
Size: 4646 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://cm.everesttech.net/cm/dd?d_uuid=09879435724977119864563206492957920443 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XppicwAAAep3Fi3-

25 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request Cookie set login.php
bankline.itau.work/
Redirect Chain
  • http://bankline.itau.work/login.php
  • https://bankline.itau.work/login.php
18 KB
5 KB
Document
General
Full URL
https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.212.150.161 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS
Software
nginx / PHP/5.3.3
Resource Hash
0e40c09f0f8471f46459b9dcd69c1d06f8d76f0b9bbc4b49a9d734f6c462db72

Request headers

Host
bankline.itau.work
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Sat, 18 Apr 2020 02:13:51 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.3.3
Set-Cookie
agencia=deleted; expires=Fri, 19-Apr-2019 02:13:50 GMT conta=-
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 18 Apr 2020 02:13:51 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://bankline.itau.work/login.php
importLibJSFrameworkDA.js
www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/
119 KB
38 KB
Script
General
Full URL
https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?GTM-NNRPQN6
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.32 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a0875dc45285559620fcd78e4d0c42688204399b666bb34ae84f08df7c835a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 02:14:10 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 02 Mar 2020 21:24:20 GMT
status
200
etag
"15cb9-1dab9-59fe5cf6e6900"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/x-javascript
access-control-allow-origin
internet.itau.com.br
accept-ranges
bytes
content-length
38348
normalize.css
estatico.itau.com.br/ibanking/commons/css/
8 KB
4 KB
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/normalize.css
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b5da2535938d1f28235c349dfd95e602eab8e837b885c8fc5459818b28897917

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Apr 2020 17:48:11 GMT
ETag
"1020a4-1e37-5a23e49a86cc0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=83129
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3333
Expires
Sun, 19 Apr 2020 01:19:39 GMT
bootstrap.min_161019.css
estatico.itau.com.br/ibanking/commons/css/
203 KB
29 KB
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/bootstrap.min_161019.css
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
df81555903269b534df2fc03456df06262033741338bb9293db14175fc978b38

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Oct 2019 19:36:39 GMT
ETag
"1024a1-32d19-5950c38399fc0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=83082
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28833
Expires
Sun, 19 Apr 2020 01:18:52 GMT
acessibilidade-novainternet_051119.css
estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/
55 KB
11 KB
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/acessibilidade-novainternet_051119.css
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4a491bb28773d9f68ab5c3c65741aa1b0de90f3869f336cb068d3846898ca270

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Nov 2019 23:58:57 GMT
ETag
"1211a4-dddd-596a2371bf240"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=82969
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10672
Expires
Sun, 19 Apr 2020 01:16:59 GMT
angularjs-iwebcomponents-pf.css
estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/
272 KB
140 KB
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/angularjs-iwebcomponents-pf.css
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
462ac6899df479288deeed4501c6f4b9e2574599f81db4cab6ce6a75d3a2725f

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Apr 2020 17:48:11 GMT
ETag
"1211a2-43e2b-5a23e49a86cc0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=83044
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
142718
Expires
Sun, 19 Apr 2020 01:18:14 GMT
itau-style.css
estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/
404 KB
83 KB
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/itau-style.css
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03153f390c51b94da9f8377d25bf8c17fbfc8d10216104f8a8c6282aadfedf81

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Apr 2020 17:48:11 GMT
ETag
"1211a3-650d4-5a23e49a86cc0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=83121
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84712
Expires
Sun, 19 Apr 2020 01:19:31 GMT
itau-header.css
estatico.itau.com.br/ibanking/commons/css/
62 KB
12 KB
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/itau-header.css
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dcb3b74842eff1cf9479b9578b75d5841113479809407d799d847b321c86e94f

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Apr 2020 17:48:11 GMT
ETag
"1020b4-f6ae-5a23e49a86cc0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=83057
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11706
Expires
Sun, 19 Apr 2020 01:18:27 GMT
itau-footer.css
estatico.itau.com.br/ibanking/commons/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/itau-footer.css
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
93622f43a63e42bf97f01bb7010e660412f54c4d5d3d6f84ce50333beebc8fad

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Apr 2020 17:48:11 GMT
ETag
"626e3-ed8-5a23e49a86cc0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=82996
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1052
Expires
Sun, 19 Apr 2020 01:17:26 GMT
chosen.css
estatico.itau.com.br/ibanking/commons/css/chosen/
13 KB
3 KB
Stylesheet
General
Full URL
https://estatico.itau.com.br/ibanking/commons/css/chosen/chosen.css
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
538818d855c973751510b1d7923c1d784c02c83d88924616aa397a9ee96c7a4a

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Apr 2020 17:48:07 GMT
ETag
"101f7a-3251-5a23e496b63c0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=83055
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2754
Expires
Sun, 19 Apr 2020 01:18:25 GMT
libs.js
estatico.itau.com.br/ibanking/distribution/libs/1.0.33/
3 MB
797 KB
Script
General
Full URL
https://estatico.itau.com.br/ibanking/distribution/libs/1.0.33/libs.js
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95d5af37c95ec724b78c3ed80e0ab5990bbe1550038be64f9ad671690964dc5b

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 16:07:47 GMT
ETag
"be3-281339-5a031dab9bac0"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=83061
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
816121
Expires
Sun, 19 Apr 2020 01:18:31 GMT
front.js
estatico.itau.com.br/ibanking/distribution/front/1.1.1/
332 KB
86 KB
Script
General
Full URL
https://estatico.itau.com.br/ibanking/distribution/front/1.1.1/front.js
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f04eaa27c9555248f6d3a0c02b551d878797415342114e275f342fde652014fb

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Mar 2020 21:31:53 GMT
ETag
"a0590-52f19-5a22d4bd48440"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=83056
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87374
Expires
Sun, 19 Apr 2020 01:18:26 GMT
logo-itau.png
estatico.itau.com.br/ibanking/commons/img/
6 KB
7 KB
Image
General
Full URL
https://estatico.itau.com.br/ibanking/commons/img/logo-itau.png
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c489fc6a4d1005640a88bfc3f670615236d9a28f2d024a309a5967502be49ac

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Last-Modified
Wed, 01 Apr 2020 17:48:23 GMT
ETag
"61aa4-19f6-5a23e4a5f87c0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=83030
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6646
Expires
Sun, 19 Apr 2020 01:18:00 GMT
gtm.js
www.googletagmanager.com/
272 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNRPQN6
Requested by
Host: www.itau.com.br
URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?GTM-NNRPQN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc5a20fe3df2558896d271f21abb5d67defdb22d767afb14378a7a7307b537d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 02:14:10 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
62843
x-xss-protection
0
last-modified
Sat, 18 Apr 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Apr 2020 02:14:10 GMT
bg-itau.gif
estatico.itau.com.br/ibanking/commons/img/
22 KB
22 KB
Image
General
Full URL
https://estatico.itau.com.br/ibanking/commons/img/bg-itau.gif
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4de407fc76d38586d90abfe4dae2528b49066ba4745db0c38fa78c99c939f8e8

Request headers

Referer
https://estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/itau-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Last-Modified
Wed, 01 Apr 2020 17:48:14 GMT
ETag
"101290-589e-5a23e49d63380"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=83017
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22686
Expires
Sun, 19 Apr 2020 01:17:47 GMT
stroke-internet_computador-45x45.png
estatico.itau.com.br/ibanking/commons/img/icones/warning/laranja/
1 KB
1 KB
Image
General
Full URL
https://estatico.itau.com.br/ibanking/commons/img/icones/warning/laranja/stroke-internet_computador-45x45.png
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0edc35ba4d8865809fb961815d1161fbf8ba2c3913c8af1084e2d6913217c1d1

Request headers

Referer
https://estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/itau-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Last-Modified
Wed, 01 Apr 2020 17:48:22 GMT
ETag
"101c41-4b1-5a23e4a504580"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=83216
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1201
Expires
Sun, 19 Apr 2020 01:21:06 GMT
sprite-icon-peq.png
estatico.itau.com.br/ibanking/commons/img/
118 KB
118 KB
Image
General
Full URL
https://estatico.itau.com.br/ibanking/commons/img/sprite-icon-peq.png
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5977c3dbce96535178589debd3760c749cf49a68ee3d20d9b5ff398ae002c78e

Request headers

Referer
https://estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/itau-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Last-Modified
Wed, 01 Apr 2020 17:48:24 GMT
ETag
"62528-1d86a-5a23e4a6eca00"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=83021
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120938
Expires
Sun, 19 Apr 2020 01:17:51 GMT
bullet-default.png
estatico.itau.com.br/ibanking/commons/img/
946 B
1 KB
Image
General
Full URL
https://estatico.itau.com.br/ibanking/commons/img/bullet-default.png
Requested by
Host: bankline.itau.work
URL: https://bankline.itau.work/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e4dab87b71e063c9460592c99ac38a8471ba8a6e5251d0bb08bc66af5be0f1dc

Request headers

Referer
https://estatico.itau.com.br/ibanking/commons/css/pessoa-fisica/itau-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Last-Modified
Wed, 01 Apr 2020 17:48:14 GMT
ETag
"61143-3b2-5a23e49d63380"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=83095
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
946
Expires
Sun, 19 Apr 2020 01:19:05 GMT
sprite-social.png
estatico.itau.com.br/ibanking/commons/img/
3 KB
3 KB
Image
General
Full URL
https://estatico.itau.com.br/ibanking/commons/img/sprite-social.png
Requested by
Host: estatico.itau.com.br
URL: https://estatico.itau.com.br/ibanking/distribution/libs/1.0.33/libs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.42.79 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-42-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c39a17d06e60246090b71f94008de8ef7bcd2ad59189376f02e3273ae9e9de4

Request headers

Referer
https://estatico.itau.com.br/ibanking/commons/css/itau-footer.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 18 Apr 2020 02:14:10 GMT
Last-Modified
Wed, 01 Apr 2020 17:48:24 GMT
ETag
"1013b7-af8-5a23e4a6eca00"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=83037
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2808
Expires
Sun, 19 Apr 2020 01:18:07 GMT
id
dpm.demdex.net/
4 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4435697753736FB20A490D45%40AdobeOrg&d_nsid=0&ts=1587176050969
Requested by
Host: www.itau.com.br
URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?GTM-NNRPQN6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.13.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-13-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c5fbdfb2ad8dfee69b408886cb3e921f71ded28a860f7cbcd932c4a765831951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v065-044ffac7c.edge-irl1.demdex.com 5.66.0.20200408080925 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
tURJH0JrRPg=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://bankline.itau.work
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1203
Expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNRPQN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2137
date
Sat, 18 Apr 2020 01:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sat, 18 Apr 2020 03:38:34 GMT
js
www.google-analytics.com/gtm/
116 KB
30 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-M8GGLGX&t=itau&cid=941216560.1587176051
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f4ca40c168f156ed6a66323b8722b8f712898bd2b73fcd7be396aab39e910b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Apr 2020 02:14:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30949
x-xss-protection
0
expires
Sat, 18 Apr 2020 02:14:11 GMT
Cookie set dest5.html
itau.demdex.net/ Frame F8E6
0
0
Document
General
Full URL
https://itau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.itau.com.br
URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?GTM-NNRPQN6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.13.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-13-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
itau.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bankline.itau.work/login.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=09879435724977119864563206492957920443

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 08 Apr 2020 13:36:25 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=09879435724977119864563206492957920443;Path=/;Domain=.demdex.net;Expires=Thu, 15-Oct-2020 02:14:11 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
GtCP1RxkQGY=
Content-Length
2785
Connection
keep-alive
ibs:dpid=411&dpuuid=XppicwAAAep3Fi3-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=09879435724977119864563206492957920443
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XppicwAAAep3Fi3-
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XppicwAAAep3Fi3-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.13.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-13-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v065-0e6803665.edge-irl1.demdex.com 5.66.0.20200408080925 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
sRNa1HdmRWQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 18 Apr 2020 02:14:11 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XppicwAAAep3Fi3-
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
event
itau.demdex.net/
4 KB
5 KB
XHR
General
Full URL
https://itau.demdex.net/event?d_dil_ver=9.3&_ts=1587176051519
Requested by
Host: www.itau.com.br
URL: https://www.itau.com.br/_arquivosestaticos/Itau/defaultTheme/js/da/framework/importLibJSFrameworkDA.js?GTM-NNRPQN6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.13.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-13-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91fb47461a7fce501986e3b0a5fdc7424b3b948b6318fd5612cb67b02971e66c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bankline.itau.work/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v065-068e20a35.edge-irl1.demdex.com 5.66.0.20200408080925 4ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
pDsu4KLkSus=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://bankline.itau.work
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
4005
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| _containerGTM function| initAdobeAudienceManager function| dataLayerBuilderToAdobeAudienceManager function| readCookie object| dataLayer object| _Dil function| saveAs object| swfobject object| angular object| @uirouter/angularjs function| $ function| jQuery function| moment object| Mustache object| jQuery111109100332744980788 function| introJs object| hopscotch object| Handlebars function| Cookies function| io function| Vue function| updateCoachmark function| closeDialog function| feedbackLikertSuccess object| a11yMoneyMask object| __core-js_shared__ object| core function| IMask function| lity number| browserMinIe number| browserMinFirefox number| browserMinChrome number| browserMinOpera number| browserMinSafari string| nAgt undefined| nameOffset number| verOffset number| ix undefined| start undefined| end boolean| browserAntigoStatus undefined| incBannerMsg number| timeOutAutoTab function| iniciaAutotab function| abrirSecao function| fecharOutrasAbas function| jsonSubmit function| ajaxSubmit function| serializeObject function| isCpf function| mascara_tel function| emailValido function| telefoneValido function| moeda function| exibeAjuda function| formata_Reais function| cepPreenchidoCorreto function| consisteCEP function| resetForm function| mascara_data function| mascara_cpf function| mascara_CNPJ function| soNumero function| somenteNumeros function| formataCEP function| checkDate function| checkDate2 function| formataCPF function| pad function| formataData function| apenasNumeros object| SwitchElements function| inicializaSelectsChosen function| ehCpfValido object| $scopeAccessibility function| mudaCssErroPika function| retornaCssErroPika function| tratarSaidaErro function| configureForm object| mensagensValidacao function| initFormValidationEvents function| initTextInputEvents function| printTooltip function| adjustTooltipPosition function| getElementPosition function| popAjuda function| zebrarTabela 
function| mascararCpf function| mascararCnpj function| mascararTel function| mascararTelDdd function| mascararTelDdiDdd function| formatarValorMonetario function| formatarValorInteiro function| imprimirComprovante function| abreCalculadora function| ApagaSenha function| tabAutom function| comprovantePrint function| convertTextEncoding function| comprovantePDF function| saveAsPdf function| criarPdf function| imprimirHtml function| abrirJanelaImpressao function| imprimirTemplateHTML function| removerMensagemErroImpressaoHTML function| imprimirTemplateFrameHTML function| salvarEmPDF function| convertHtmlEntity function| gravaCookie function| leCookie function| validaSenhaAjaxRequest object| Digito function| Cpf function| Cnpj function| insertBalloon function| removeBalloon function| insertBalloonTxtArea function| removeBalloonTxtArea undefined| controlePosTour object| tourElements object| tourElementsApp object| CalendarioFixoHelper undefined| linhasCalendario undefined| colunasCalendario object| calendarioFixo object| VitrineCliqueBox function| onCliqueVitrine function| ShowMultiple object| loadingAjax object| adobeDataLayer object| GA object| uiConfiguration function| configuraEventoCtrlHome function| defineTabindexDinamico function| defineTabIndexBusca function| verificaZoom function| customInterval function| setFocusDocument function| checaTituloPagina function| feedbackAcessibilidade function| verificaBoxCarrinho function| customErrorBox function| customErrorPlacement function| customSuccessRemove function| customMask function| gerarCSV function| gerarTXT object| ItauJs object| Module function| forceKeyboardNumeric function| mobileAndTabletcheck function| formatToPdf function| Pikaday object| BoxHelper function| loadHomePage function| startApp object| BoxCarrinho string| carrinhoView function| vpwreturn object| AsyncHelper function| redirectEsqueciSenha function| removerToolTip function| mostrarToolTip function| showBalloon function| hideBalloon function| 
removerPlaceHolderSenha function| adicionarPlaceHolderSenha function| senhaTamanhoIncorreto function| campoSenhaVazio undefined| btPress object| google_tag_manager object| analyticsHelper undefined| adobeS string| cookieH2OKey object| localAdManager object| adobe function| Visitor function| DIL object| s_c_il number| s_c_in object| sAdobeAudienceManagerAppMeasurement string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_optimize

4 Cookies

Domain/Path Name / Value
.itau.work/ Name: _ga
Value: GA1.2.941216560.1587176051
.itau.work/ Name: _gid
Value: GA1.2.1769723281.1587176051
.itau.work/ Name: AMCV_4435697753736FB20A490D45%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C18371%7CvVersion%7C4.4.0
bankline.itau.work/ Name: conta
Value: -

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains and hashes. Their appearance in this report does not imply that any of them indicates malicious activity.
